Posted to commits@ws.apache.org by co...@apache.org on 2015/01/23 14:57:59 UTC

svn commit: r1654214 - /webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/ModifiedRequestTest.java

Author: coheigea
Date: Fri Jan 23 13:57:59 2015
New Revision: 1654214

URL: http://svn.apache.org/r1654214
Log:
Adding another test

Modified:
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/ModifiedRequestTest.java

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/ModifiedRequestTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/ModifiedRequestTest.java?rev=1654214&r1=1654213&r2=1654214&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/ModifiedRequestTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/ModifiedRequestTest.java Fri Jan 23 13:57:59 2015
@@ -404,7 +404,71 @@ public class ModifiedRequestTest extends
             fail("Failure expected on a modified EncryptedData CipherValue");
         } catch (WSSecurityException ex) {
             assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.FAILED_CHECK);
-            //the error message is not deterministic so we do not do a message comparison
+        }
+    }
+    
+    /**
+     * Test for when some EncryptedData CipherValue data is modified 
+     * (in the security header)
+     */
+    @org.junit.Test
+    public void testModifiedSecurityHeaderEncryptedDataCipherValue() throws Exception {
+        WSSecEncrypt builder = new WSSecEncrypt();
+        builder.setUserInfo("wss40");
+        builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
+        builder.setSymmetricEncAlgorithm(WSConstants.TRIPLE_DES);
+        
+        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+        WSSecHeader secHeader = new WSSecHeader();
+        secHeader.insertSecurityHeader(doc);
+        Crypto wssCrypto = CryptoFactory.getInstance("wss40.properties");
+        
+        WSSecTimestamp timestamp = new WSSecTimestamp();
+        timestamp.setTimeToLive(300);
+        timestamp.build(doc, secHeader);
+        
+        List<WSEncryptionPart> parts = new ArrayList<WSEncryptionPart>();
+        WSEncryptionPart encP =
+            new WSEncryptionPart(
+                "Timestamp",
+                WSConstants.WSU_NS,
+                "");
+        parts.add(encP);
+        builder.setParts(parts);
+        
+        Document encryptedDoc = builder.build(doc, wssCrypto, secHeader);
+
+        Element securityHeader = 
+            WSSecurityUtil.getSecurityHeader(encryptedDoc, "");
+        Element encryptedTimestamp = 
+            WSSecurityUtil.findElement(securityHeader, "EncryptedData", WSConstants.ENC_NS);
+        Element cipherValue = 
+            WSSecurityUtil.findElement(encryptedTimestamp, "CipherValue", WSConstants.ENC_NS);
+        String cipherText = cipherValue.getTextContent();
+        
+        StringBuilder stringBuilder = new StringBuilder(cipherText);
+        int index = stringBuilder.length() / 2;
+        char ch = stringBuilder.charAt(index);
+        if (ch != 'A') {
+            ch = 'A';
+        } else {
+            ch = 'B';
+        }
+        stringBuilder.setCharAt(index, ch);
+        cipherValue.setTextContent(stringBuilder.toString());
+        
+        String outputString = 
+            XMLUtils.PrettyDocumentToString(encryptedDoc);
+        if (LOG.isDebugEnabled()) {
+            LOG.debug(outputString);
+        }
+        
+        WSSecurityEngine newEngine = new WSSecurityEngine();
+        try {
+            newEngine.processSecurityHeader(doc, null, new KeystoreCallbackHandler(), wssCrypto);
+            fail("Failure expected on a modified EncryptedData CipherValue");
+        } catch (WSSecurityException ex) {
+            assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.FAILED_CHECK);
         }
     }
     
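Review bot: In `testModifiedSecurityHeaderEncryptedDataCipherValue` the `CipherValue` is located and altered through `encryptedDoc`, but the engine is then run on `doc`, so the test only exercises the tampered message if `builder.build` hands back the same `Document` instance it was given (presumably it does, but nothing in the hunk shows it); `newEngine.processSecurityHeader(encryptedDoc, null, new KeystoreCallbackHandler(), wssCrypto);` would remove that assumption. The catch block would report the actual code on failure if written as `assertEquals(WSSecurityException.ErrorCode.FAILED_CHECK, ex.getErrorCode());`. Because the Timestamp is encrypted with `WSConstants.TRIPLE_DES` and the message carries no signature, the rejection most likely comes from decryption or parsing of the garbled plaintext rather than from an integrity check, and a comment such as `// no signature on this message: the modified CipherValue is rejected only because decryption/parsing fails` would record what the FAILED_CHECK assertion actually covers.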
@@ -452,7 +516,6 @@ public class ModifiedRequestTest extends
             fail("Failure expected on a modified EncryptedData CipherValue");
         } catch (WSSecurityException ex) {
             assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.FAILED_CHECK);
-            //the error message is not deterministic so we do not do a message comparison
         }
     }
 
@@ -509,7 +572,6 @@ public class ModifiedRequestTest extends
             fail("Failure expected on a modified Signature Reference");
         } catch (WSSecurityException ex) {
             assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.FAILED_CHECK);
-            assertEquals("The signature or decryption was invalid", ex.getMessage());
         }
     }
     
@@ -538,7 +600,6 @@ public class ModifiedRequestTest extends
             fail("Failure expected on an untrusted Certificate");
         } catch (WSSecurityException ex) {
             assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.FAILED_CHECK);
-            assertEquals("The signature or decryption was invalid", ex.getMessage());
         }
     }
     
@@ -574,7 +635,6 @@ public class ModifiedRequestTest extends
             fail("Failure expected on a modified Signature element");
         } catch (WSSecurityException ex) {
             assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.FAILED_CHECK);
-            assertEquals("The signature or decryption was invalid", ex.getMessage());
         }
     }